James "Jimmy" Rabon
In a world of competing requirements, how can application security keep up with the rapid pace of development and still remain effective?
- Agile and DevOps put pressure on development teams to deploy more rapidly while at the same time producing higher-quality, more secure code
- Security is important (avoid the headlines!) but definitely not easy and competes for resources
- Remediation of security vulnerabilities can be costly and cumbersome, especially once the application is in production
In this presentation, James Rabon will share lessons learned by working with some of the most advanced and innovative application security customers / programs. Learn how static and dynamic analysis of applications can be made efficient and effective in some of the most dynamic development organizations. See how app sec leaders integrate application security throughout their software development lifecycle and include it in the DevOps tool chain of automation to move security testing at high velocity. Automation is your friend and we will examine where modern security tools are being included in the “treat infrastructure as code” mantra. We’ll also take a look beyond security tools and automation to the people and processes that effective application security programs use to run at high speed. A brief demo will follow for those interested.
- 6:00-6:30pm: Check-in, food, networking
- 6:30pm: Meeting start
- 6:45pm: Announcements, intros
- 7:00pm: Presentation - Vendor neutral “Best practices” presentation (7pm to 8:30pm)
- 8:30pm: Door prizes: Raffle, giveaways, books, etc. followed by Vendor spotlight (15 to 20 mins) post-presentation: Fortify Demo, Q&A – collect business cards
- 9:00pm: Meeting end
Jimmy Rabon began his career as a software developer for the Computer Sciences Corp before deciding to specialize in application security over seven years ago with Fortify.
He began his career in application security by serving as an on-site subject matter expert for software security and has performed countless security audits of applications (both static and dynamic testing reviews) for several large commercial and government entities. He has enabled organizations that utilized his or his team’s services to find and fix exploitable vulnerabilities in critical systems.
Having worked as a software engineer for many years prior to specializing in application security, he understands the unique challenges that developers face when attempting to deliver secure code and can help deliver effective technology and processes to enable information assurance and development teams to work together to make software as secure as possible.
He leads a team of highly skilled application security consultants as the head of HPE Fortify professional services responsible for designing effective software assurance solutions in the Americas.
He is currently a Senior Product Manager with Fortify with a passion for building security products that solve real world problems in the most effective and efficient way possible.
3rd Floor of the Parking Garage in any spot marked PROS Reserved
Park across the street in the parking garage on Elgin in any spot marked PROS Reserved, taking a parking receipt as you enter the parking garage. Parking is free after 7:00 PM, so you won't have to pay as you exit. Take the elevator to the 3rd floor of the parking garage and walk across the sky bridge. The HJUG meeting will be on the 2nd floor on the left just before you reach the elevator bank.
About our meeting sponsor: Hewlett Packard Enterprise
We help customers use technology to slash the time it takes to turn ideas into value. In turn, they transform industries, markets and lives.
Some of our customers run traditional IT environments. Most are transitioning to a secure, cloud-enabled, mobile-friendly infrastructure. Many rely on a combination of both. Wherever they are in that journey, we provide the technology and solutions to help them succeed.
About our venue sponsor: PROS
PROS Holdings, Inc. (NYSE: PRO) helps companies around the globe realize their revenue profit potential. PROS is the only company with a solution portfolio that improves top- and bottom-line financial results simultaneously. B2B and B2C companies count on our sales, pricing and revenue management solutions to accelerate sales, formulate winning pricing strategies and align product, demand and availability.
As the largest publicly traded software company in Houston, PROS is proud of our world-class R&D team that’s more than 300 team members strong. Our company culture values ownership, innovation and a relentless commitment to “We Care.” Ask anyone about the best part of working at PROS, and the answer will be “our people.” PROS employees are the most caring, committed, knowledgeable and talented technology professionals around. We wouldn’t have it any other way.
Java is the backbone of all our products. We’re continually looking for ways to remain on the cutting edge of technology, and we’re proud to be supporters and sponsors of Houston’s growing developer community. To find out more about what PROS is all about, please visit our website at www.pros.com.
Door Prizes and Giveaways! - must RSVP on Eventbrite to win
- JetBrains has donated one IntelliJ license to be raffled off at this month's HJUG meeting
- Hello2Morrow has donated a SonarGraph Personal license to be raffled off at this month's HJUG meeting
- Headway Software has donated a license of the new Structure101 Studio
- SemanticMerge has donated a one year license of their product to one lucky winner, and another to the speaker.
Meeting sponsored by Structure101 for tangle-free software.